deppilot
v0.1.0
Published
Dependency Upgrade Advisor — MCP server that tells you what will break before you upgrade
Maintainers
Readme
DepPilot
Dependency Upgrade Advisor -- an MCP server that tells you what will break before you upgrade.
What it does
DepPilot answers the question other tools don't: "Should I upgrade this dependency, what will break, and how do I fix it?"
- check_upgrade -- Analyze a specific package: latest version, breaking changes from changelogs, known vulnerabilities (via OSV.dev), and a risk assessment
- scan_project -- Scan all your dependencies at once, prioritized by urgency (vulnerabilities > deprecated > major changes > minor updates)
Install
Claude Code
claude mcp add deppilot -- npx deppilotClaude Desktop
Add to your claude_desktop_config.json:
{
"mcpServers": {
"deppilot": {
"command": "npx",
"args": ["deppilot"]
}
}
}Cursor / Windsurf
Add to your MCP settings:
{
"deppilot": {
"command": "npx",
"args": ["deppilot"]
}
}Usage
Once connected, your AI agent can use these tools:
Check a specific package:
"Should I upgrade lodash? I'm on 4.17.21."
Scan your whole project:
"Read my package.json and scan all my dependencies for upgrade recommendations."
Data sources
- npm Registry -- package versions, metadata, deprecation status
- GitHub Releases -- changelogs, breaking change detection
- OSV.dev -- vulnerability database (CVEs)
No API keys required. All data sources are free and public.
License
MIT
